Cyber Security Division shields attacks on Marine Corps network

MARINE CORPS BASE CAMP LEJEUNE, N.C. - War has been waged throughout history, and new tactics and technology emerge to provide an upper hand against one’s opposition. Unremitting innovations of one’s combative tools and elements are reactive and proactive measures that address the evolving wares and strategies of the adversary in order to maintain dominance and win the battle. In this day and age, the Internet has become the battlefield in a cyber war, and hackers, armed with computer viruses, prove to be an asymmetric threat difficult to defend against. On May 8, 2000, the Department of Defense reported that four of their classified networks were infected with the “love bug” virus. It is estimated that the email virus caused some $10 billion in losses in as many as 20 countries. Although the DOD has some of the best defenses against cyber attacks, the possibility of having its systems infiltrated remain. The Marine Corps Installation East Cyber Security Division is constantly working to prevent Marine Corps Base Camp Lejeune’s network cyber security from being compromised. “Eight years ago we had around 60 to 70 (cyber) attacks a year,” said Sean Gilligan, information technician with Cyber Security Division, MCB Camp Lejeune. “Now, we’d be lucky to see less than one in a day.” Viruses can be used to gain access to networks to obtain information. The variety of avenues to spread malware only makes infiltration of systems of any kind easier. “We can only do so much to protect and prevent an infiltration of our system,” said Seth Thigpen, information technician with Cyber Security Division, MCB Camp Lejeune. “It’s also the users’ responsibility to make sure malware doesn’t find its way onto our (government computers).” Thigpen said there are programs that exploit vulnerabilities or crack passwords called root-kits to gain access to a network without being detected by antivirus software. Once a root-kit is installed, it allows the attacker to mask the intrusion, gain access to the computer and possibly other machines on the network. Thigpen said he actually had a root-kit infiltrate his personal computer. The Marine Corps has implemented cyber awareness training courses on MarineNet to include, Information Assurance Awareness training and Personally Identifiable Information and Careless Keystrokes Can Kill. These courses cover topics such as official use of government computers, recognizing suspicious emails and how devices, such as thumb drives and phones, should never be connected to government computers. “Anyone’s phone could have an embedded virus,” said Thigpen. “Just because you don’t see it, doesn’t mean it’s not there. You could plug your phone to a computer and cause an infection. If someone decides to plug up their phone (to a government computer), we’ll see it and they’ll receive a call from us.” The Cyber Security Division is constantly monitoring the activity on all of MCB Camp Lejeune’s government computers. “We see everything,” said Jason Norris, information technician with Cyber Security Division, MCB Camp Lejeune. “We can see all the websites you’ve visited, the emails you’ve sent and we can even see the type of phone you have when you plug to one our computers.” Cyber Security staff said they track all activity and even though many people think they’re getting away with the misuse of government computers and a government network, they’re only building themselves a record of discrepancies while security staff is busy catching bigger fish. They added that there has been a large decline in the number of discrepancies recorded. In order to improve the cyber security, the proper use of the computers and networks must be enforced. Cyber Security staff asks users to help protect the network by watching out for suspicious activity, updating their government computers and completing and understanding all of the required cyber awareness training. “We also provide free antivirus software to all military personnel to help protect their person computers,” said Gilligan. “There are also (patrons) who e-mail themselves work to do at home, and this keeps both government and personal computers protected from malware when documents are exchanged.” The MCI East Cyber Security Division mission is to ensure the confidentiality, integrity and availability of all data. User awareness is also important to maintaining and increasing network security, and the combined effort from the Cyber Security Division and Marine Corps network users will promote efficient proactive and reactive responses to threats. The Cyber Security Division will be hosting the annual Information Assurance Cyber Awareness Training at the Base Theater, Nov. 2 through 4. Military personnel can obtain free antivirus software at www.disa.mil/antivirus/homeuse.html. For more information on cyber security call 451-7050.